Security Alerts and Updates

December, 2017  (Click listings for more information).
08  Pre-Installed Keylogger Found On Over 460 HP Laptop Models.
08  Android Flaw Lets Hackers Inject Malware Into Apps.
08  Phishing embraces HTTPS, hoping you’ll “check for the padlock”.
07  Microsoft Issues Emergency Windows Security Update.
07  New Malware Evasion Technique Works On All Windows Versions.
07  Mozilla Releases Security Update for Firefox.
06  Google Releases Security Update for Chrome.
06  Apple Releases Multiple Software Security Updates.
06  Use TeamViewer? Fix this dangerous permissions bug.
05  Email Spoofing Flaw Affects Over 30 Popular Email Clients.
05  Keyboard App collects personal data on its 31 million users.
04  Smile, you’re on hidden webcam Airbnb TV.
04  Yet another flaw in Apple’s “iamroot” bug fix.
02  Security vulnerabilities fixed in Firefox 57.0.1.
PayPal phish asks to verify transactions—don’t do it.

November, 2017  (Click listings for more information).
30  HP installs telemetry bloatware on your PC-here’s how to remove it.
29  Websites mine cryptocurrency even when you close your browser.
29  Internet-paralyzing Mirai botnet comes back with new strain.
29  Apple Releases macOS High Sierra Security Update.
28  Hackers Exploit Recently Disclosed Microsoft Office Bug.
28  Bug in macOS lets you log in as admin with no password required.
27  Terror Exploit Kit Goes HTTPS All The Way.
26  Botnet Just Sent 12.5 Million Emails With Scarab Ransomware.
24  Imgur—Popular Image Sharing Site Was Hacked In 2014.
23  MS Office feature could be used to create self-replicating malware
21   Uber Paid Hackers to Delete Stolen Data on 57 Million People.
21   Critical flaws in Intel Processors leave millions of PCs vulnerable.
21   Android Location Data collected when Location Service is disabled.
20  Fund Targets Victims Scammed Via Western Union.
20  Windows ASLR Vulnerability.
20  Amazon to fix Key home security vulnerability.
20  OSX.Proton spreading through fake Symantec blog.
20  BankBot returns on Play Store – A recurring Android malware.
20  Amazon Echo and Google Home patched against BlueBorne threat.
20  No, you’re not paranoid. Sites really are watching your every move.
17   Banking Trojan can now steal Facebook, Twitter & Gmail accounts.
16   Security Tip – Securing the Internet of Things.
15   20 Million Amazon Echo & Google Home Devices Vulnerable.
15   Ransomware-spreading hackers sneak in through RDP.
14   Adobe, Microsoft Patch Critical Cracks.
14  Mozilla today launched Firefox 57, branded Firefox Quantum.
14  Mozilla Releases Security Updates.
14  Google takes strict steps against Apps abusing accessibility services.
14  Google study reveals how criminals break into Gmail accounts.
13   How to Opt Out of Equifax Revealing Your Salary History.
13   Hackers say they broke Apple’s Face ID.  We’re not convinced.
11    New Microsoft Word attacks infect PCs sans macros.
10   Microsoft introduces highly secure Windows 10 device standards.
10   How AV Can Open You to Attacks.
09  Microsoft Office Dynamic Data Exchange (DDE) Exploit.
08  Cryptojacking craze that drains your CPU now done by 2,500 sites.
06  Simple Banking Security Tip: Verbal Passwords.
06  Google Releases Security Update for Chrome.
03  Forgeries undermine the trust people place in digital certificates.
03  Smart Lock & iCloud Keychain, password managers for the rest of us.
03  Fake version of the WhatsApp messaging app for Android fools many.
02  iPhones get a KRACK patch and a Wi-Fi 0-day on the same day.
02  Equifax Reopens Salary Lookup Service.
01   Mind these digital crimes and arm yourself against them.

Real-World Protection Test – October 2017 (Graph)

Malware Removal Test 2017 (PDF)

October, 2017  (Click listings for more information).
31   Apple Releases Multiple Security Updates.
30  Firefox 58 to Block Canvas Browser Fingerprinting.
30  Sites and apps are exhausting your CPU to mine cryptocurrency.
30  Spoofing Links on Facebook.
27  Fear the Reaper, or Reaper Madness?
27  The iOS privacy loophole that’s staring you right in the face.
26  Please Don’t Buy This:  Smart Locks.
26  Google Releases Security Updates for Chrome.
25  Kaspersky says it didn’t knowingly help Russia steal NSA secrets.
24  Dell Lost Control of Key Customer Support Domain for a Month.
23  Reaper: Calm Before the IoT Security Storm?
22  Office DDE attack works in Outlook too – here’s what to do.
22  Google to add “DNS over TLS” security feature to Android OS.
20  Mac Malware OSX.Proton Strikes Again.
20  More Trouble in Google Play Land.
19   Microsoft Word DDE Exploit Being Used in Malware Attacks.
17   Impact of Security Software on System Performance (PDF).
17   Google Releases Security Updates for Chrome.
17   Yet more mobile adware found in Google Play.
16   Serious Crypto Flaw in Private RSA Keys Used in Billions of Devices.
16   List of Firmware & Driver Updates for KRACK WPA2 Vulnerability.
16   What You Should Know About the ‘KRACK’ WiFi Security Weakness.
16   Adobe Releases Security Updates for Flash Player.
16   Chrome & Firefox smoked by Edge in browser phishing test.
15   Flaw in WPA2 lets attackers intercept passwords and much more.
13   Google Embarrassed by Fake Adblocker That Served Ads.
12   Scam Alert: Your Trusted Friends Can Hack Your Facebook Account.
12   Equifax rival TransUnion also sends site visitors to malicious pages.
12   MS Office feature allows malware execution without macros enabled.
12   Equifax website borked again, redirects to fake Flash update.
11    Mozilla Releases Security Update for Thunderbird.
11    Watch out for these high-pressure Apple malware scams.
11    Microsoft’s October Patch Batch Fixes 62 Flaws.
10   Beware of sketchy iOS popups that want your Apple ID.
10   Kaspersky AV caught helping Russian hackers steal NSA secrets.
10   Equifax Hackers Also Stole Info on 693,665 UK Residents.
09  iPhone’s new “off” switch leaves Bluetooth and Wi-Fi turned on.
09  A week in security (October 02 – October 08).
08  Equifax Breach Fallout: Your Salary History.
06  Out of character: Homograph attacks explained.
06  Update your Androids, the October patches are out.
05  Chrome turns the screw ever tighter in Google’s encryption crusade.
05  Apple Releases macOS High Sierra 10.13 Supplemental Update.
04  Fear Not: You, Too, Are a Cybercrime Victim!
03  Code-execution flaws threaten users of routers, Linux, and other OSes.
03  Every Yahoo account that existed was compromised in 2013 hack.
03  Apple Releases Security Update for iOS.
03  The Google tracking feature you didn’t know you’d switched on.
02  Equifax says an additional 2.5 million impacted by data breach.
01   A week in security (September 25 – October 01).

Malware Protection Test September 2017 (PDF)

Real World Protection Test September 2017 (Chart)

September, 2017  (Click listings for more information).
28  Whole Foods Market Suffers Credit Card Breach in Some Stores.
28  Security vulnerabilities fixed in Firefox 56.
28  Tech support scammers abuse Taboola to serve malvertising.
27  Internet Explorer bug leaks whatever you type in the address bar.
26  Apple Releases iOS 11.0.1 Update With Fix for Exchange Email Bug.
26  Breach at Sonic May Have Impacted Millions of Credit, Debit Cards.
25  Security Alert: If You Use Java, Read This.
25  ZNIU: First Android Malware to Exploit Dirty COW Vulnerability.
25  Apple Releases Security Updates.
25  Deloitte Breach Affected All Company Email, Admin Accounts.
25  Drive-by mining and ads: The Wild Wild West.
24  Equifax or Equiphish?
24  A week in security (September 18 – September 24).
22  Netflix Scam Warning.
22  Google Tests Top 5 Browsers, Finds Safari Riddled With Security Bugs.
21   Fake IRS notice delivers customized spying tool.
21   Google Releases Security Updates for Chrome.
21   Modern chipsets can be hacked via their power management features.
21   Experian Site Can Give Anyone Your Credit Freeze PIN.
20  CCleaner Hack Carried Out In Order to Target Big Tech Companies.
20  Equifax Breach: Setting the Record Straight.
20  FTC providing partial refunds for Advanced Tech Support victims.
20  CryptoMix ransomware is appending .SHARK to encrypted file names.
19  Chrome Extension Embeds In-Browser Monero Miner.
19  Apple Releases Security Updates.
19  How to tell if your Mac is infected.
19  Chinese Mobile Antivirus App Caught Siphoning User Data.
19  What Does CCleaner Do, and Should You Use It?
19  Avast Clarifies Details Surrounding CCleaner Malware Incident.
18  Locky Ransomware switches to the Ykcol Extension for Encrypted Files.
18  CCleaner Malware Incident – What You Need to Know & How to Remove.
18  CCleaner Compromised to Distribute Malware for Almost a Month.
18   A week in security (September 11 – September 17).
16  Equifax Releases New Information About Security Breach.
16  Google will auto-delete Android backups if phone is unused for 2 weeks.
15  Adware installs InfoStealer Trojan that loads via Chrome DLL Hijacking.
14  Equifax Hackers Stole 200k Credit Card Accounts in One Fell Swoop.
14  Unwittingly Embedded Malware in Android Apps via Shady SDK.
14  SKEL Protection in macOS High Sierra can be bypassed.
14  FTC Alert – Equifax Isn’t Calling.
13   Adobe, Microsoft Plug Critical Security Holes.
13   Netgear WNR2000 Routers Used For Credential Stuffing Attacks.
12   BlueBorne Vulnerabilities Impact All Bluetooth Enabled Devices.
12   Computers Infected With Cryptocurrency Miners On The Rise.
11   The Equifax Breach: What You Should Know.
11   Intra-Library Collusion , a new kind of Android Malware.
09  Vulnerabilities discovered in firmware of D-Link DIR 850L routers.
08  Hurricane-Related Scams.
08  Android Oreo Bug Bypasses WiFi to Use Mobile Data.
08  Equifax Breach Response Turns Dumpster Fire.
07  New Toast Overlay Attack Revealed on Android Devices.
07  Breach at Equifax May Impact 143M Americans.
07  Apple and Google Fix Browser Bug. Microsoft Does Not.
06  Nation-sponsored hackers penetrate power grid networks.
05  Google Chrome 61 Released for Linux, Mac, and Windows.
05  TrustZone Downgrade Attack Threatens Android Devices.
04  Old “Loop Bug” Found to Affect Most Major PDF Viewers.
01   Vulnerabilities found in Android bootloader components.
01   The Week in Ransomware – Locky, Exploit Kits, & More.